Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 164

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 167

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 170

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 173

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 176

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 178

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 180

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 202

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 206

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 224

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 225

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 227

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/admin/class.options.metapanel.php on line 56

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/admin/class.options.metapanel.php on line 56

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/admin/class.options.metapanel.php on line 56

Warning: Creating default object from empty value in /home3/freesms/public_html/LLsocial.com/wp-content/themes/platform/admin/class.options.metapanel.php on line 49
Pinterest hacked. Hundreds of thousands of users are unknowing posting spam pins. | LL Social

I have two new blog posts with details of the July hacking of Pinterest accounts.

Pinterest hack details

On Saturday morning Pinterest users began seeing pins show up on their boards without ever pinning them, and in this case it appears users did nothing wrong.

I observed a $1000 free Walmart card image show up around 8AM CST when looking at the feed of people I follow, but I didn’t think anything of it. This afternoon Craig Fifield blogged about his wife’s experience with the spam pins. By this evening hundreds of thousands of these pins were showing up on Pinterest. Each spam offer pin (Walmart, Bestbuy and Starbucks were the main ones) had tens of thousands of repins listed in connection with them.

These spam offer pins aren’t happening because a user clicks on any spam links; meaning it is highly likely that Pinterest itself or some process in their system has been hacked.

In writing up this post, I went to the @free Pinterest page. I didn’t see any of these spam pins, so I started writing up what I learned. Five minutes later my wife sent me an instant message indicating that the @free Pinterest account had sent out the Best Buy spam offer. I didn’t do anything except go to the Pinterest website. I was already logged into my account.

My initial thought this afternoon was that someone could be using a brute force attack to figure out passwords, but based on my own experience and the vast nature of the pins, it looks increasing likely that someone has hacked Pinterest and figure out how to pin to a large number of people’s boards. Even a Pinterest engineer has two spam offers on his board as I write this. Kelly Lieberman pointed this out on Facebook.

Some good sized brands like Lidnt Chocolate also are putting out these offers.

It is very possible that no passwords have been compromised, but rather someone is actually hacking Pinterest itself. With the quantity of these spam pins, it looks to be the work of some kind of bot. I reported over a month ago about an account that followed over one million Pinterest accounts in one day. This seems like a similar technological exploit, but with much greater implications.

In addition to the unauthorized posts, its seems that the hack makes the edit button disappear on some of the offending pins. Where the edit button should have been is just a blank space. I list below a way to resolve this issue with a quick work-around. But the removing of this button points to how sophisticated the hack is and how open the Pinterest system is to exploiting.

One of the offending accounts that seemed to the basis for the Best Buy gift card offer is now returning a 404 error, so hopefully Pinterest is addressing this issue.

Update 3/18: The hack occurring on St. Patrick’s Day likely allowed these pins to go unnoticed by the Pinterest team for longer than would have occurred on normal weekday. Starting last night around 10PM CST, Pinterest began deleting the offending pins. As of this morning, a review of multiple Pinterest streams indicated that the hack issue seems to be resolved.

If your account has been hacked, you can delete the pin.

1. Go to specific pin page on Pinterest.

2. Add

/edit

to the end of the pin url.

3. Hit enter.

4. Delete the pin just like you would any other pin.

5. Confirm you want to delete.

Thanks to Mariam Shahab for sharing the basis of these tips.

 

 

Tagged with:
 

5 Responses to Pinterest hacked. Hundreds of thousands of users are unknowing posting spam pins.

  1. Hi Josh,

    Thanks for the mention, but my name is Craig not Doug :)

    Also, thanks for the additional steps, I had no issues deleting my pins but others have had trouble.

  2. avatar Josh Davis says:

    Sorry about that Craig. I update the post to correct your name.

    It may have been the later rounds that removed the edit button. In the case of the @free pin. There was no edit button listed so I had to use the work-around.

  3. avatar Gr8typist says:

    I got the Best Buy PIN yesterday, St. Patrick’s Day, from a friend. It took me a while to figure out how to delete the PIN. Now this morning a new ad just magically appeared from some weight loss thing. None of my friends had posted that, as far as I can tell. I got the second one deleted too and changed my account password. Hopefully this will get cleared up soon — I do not want my boards to be filled with unsolicited spam!

  4. Josh,
    I have to give you mad props — you’ve been providing consistently good coverage over Pinterest’s hiccups. Keep it up!
    Lisa

    • avatar Josh Davis says:

      Thanks Lisa.

      I largely find these issues because I enjoy Pinterest and keep using them. Despite all these issues, I hope they come through all of this ok and can keep doing what they are doing, just better. Their growth has outpaced their staff, but hopefully they can quickly resolve these issue in the near future.